Category Archives: Spyware

SONY BMG MUSIC ENTERTAINMENT – cp.sonybmg.com/xcp
We share the concerns of consumers regarding these discs, and we are instituting a program that will allow consumers to exchange any CD with XCP software for the same CD without copy protection. We also have asked our retail partners to remove all unsold CDs with XCP software from their store shelves and inventory. We will make further details of this program available shortly.

We deeply regret any inconvenience this may cause our customers and we are committed to making this situation right. It is important to note that the issues regarding these discs exist only when they are played on computers, not on conventional, non-computer-based CD and/or DVD players.

Our new initiatives follow the measures we have already taken, including last weekâ€™s voluntary suspension of the manufacture of CDs with the XCP software. In addition, to address security concerns, we provided to major software and anti-virus companies a software update, which also may be downloaded at http://cp.sonybmg.com/xcp/english/updates.html. We will shortly provide a simplified and secure procedure to uninstall the XCP software if it resides on your computer.

Well – they didn’t really have a choice did they?
This is the comment and the link to the “de cloaking” method that Sony and it’s team have made available to their “customers” (read victims)…

XCP Support Software Updates
This Service Pack removes the cloaking technology component that has been recently discussed in a number of articles published regarding the XCP Technology used on SONY BMG content protected CDs. This component is not malicious and does not compromise security. However to alleviate any concerns that users may have about the program posing potential security vulnerabilities, this update has been released to enable users to remove this component from their computers.

Well, took a while to find but this is on the Sony website. Not what I would Call detailed!

Sony Music USA
A traditional audio CD when placed in an audio CD player, CD EXTRA offers a free interactive multimedia experience when played in a computer’s CD-ROM drive *. CD EXTRA offers the music fan a closer look at their favorite artists, with many CD EXTRAs containing exclusive content.

As already posted, They forget to mention a closer look and interactive experience of seeing your system crashing or your CD drive disappearing if you try to remove their poorly designed rootkit based DRM!

I came across this as a link at Geek news central, as well as noticing it on Digg amongst other places. There is rarely something that makes me stand back in awe and amazement – and also makes me mad as hell – but this is one of those times.
The people at Sysinternals – who have developed the Root Kit Revealer to detect the worst possible forms of computer invasion – have now found a Root Kit installed by Sony as part of their DRM. – A poorly coded root kit too! AND, from all reports, it is NOT covered in the EULA.

Mark’s Sysinternals Blog: Sony, Rootkits and Digital Rights Management Gone Too Far
The entire experience was frustrating and irritating. Not only had Sony put software on my system that uses techniques commonly used by malware to mask its presence, the software is poorly written and provides no means for uninstall. Worse, most users that stumble across the cloaked files with a RKR scan will cripple their computer if they attempt the obvious step of deleting the cloaked files.

The awe and amazement is a reflection of the detailed and comprehensive analysis they took to discover this critter and the fact that they posted each step along the way. The depth of analysis was common 20 years ago with a small DOS system – but within a windows machine nowadays – and using many routines that they wrote themselves I think that they deserve an award.
PLEASE go to their site and read this – then take your Sony merchandise back and ask for a refund.